Overview of Security and Symmetric key Encryption Dawn Song dawnsong cs berkeley edu 1 Outline What is security about How to evaluate security of systems Introduction to crypto I symmetric key encryption 2 What is Computer Security about Computing in the presence of an adversary An adversary is the security field s defining characteristic Reliability robustness and fault tolerance Dealing with Mother Nature random failures Security Dealing with actions of a knowledgeable attacker dedicated to causing harm Surviving malice and not just mischance Wherever there is an adversary there is a computer security problem 3 Computer Security History Early history interwoven with military apps First big users of computers First to worry seriously about the potential for misuse Terminology has military connotations Attacker who is trying to attack computer systems Defenders working to protect their system from these threats 4 Analyze to Learn We re going spend a lot of time studying attackers and thinking about how to break into systems Why spread knowledge that will help bad guys be more effective To protect a system you have to learn how it can be attacked Civil engineers learn what makes bridges fall down so they can build bridges that last Software engineering is similar Security is the same and different Why 5 Challenges in Securing Systems Similar Analyze previous successful attacks But deploy a new defense they respond you build a better defense they respond you Need to find ways to anticipate kinds of attacks Different Attackers are intelligent or some of them are Attacks will change and get better with time Have to anticipate future attacks Security is like a game of chess Except the attackers often get the last move 6 Need to Secure System before Depolyment A deployed system is very hard to change Serious consequences if attackers find a security hole in a widely deployed system Goal Predict in advance what attackers might do and eliminate all security holes Reality Have to think like an attacker Thinking like an attacker is not always easy Can be fun to try to outwit the system Or can be disconcerting to think about what could go wrong and who could get hurt What if you don t anticipate attacks Analog cellular phones in the 80 s and 90 s 7 Real World Example Analog Cellular 1970 s analog cellular had no security Phones transmit ID billing info in the clear Assumption attackers wouldn t bother to assemble equipment to intercept info Attackers built black boxes to intercept and clone phones for fraudulent calling Where s the best place to intercept Cellular operators completely unprepared Early 90 s US carriers losing 1B yr 70 of LD cellular calls placed from downtown Oakland on Fri nights fraudulent Problems huge capital investment debt 5 10 yrs huge replacement cost 8 Lesson Learned Failing to anticipate types of attacks or underestimating the threat can be costly Security design requires studying attacks Security experts spend a lot of time trying to come up with new attacks Sounds counter productive why help the attackers but it is better to learn about vulnerabilities before the system is deployed than after If you know about the possible attacks in advance you can design a system to resist those attacks But anything else is a toss of the dice 9 A Process for Security Evaluation How to evaluate the security of a system A three step process Step I security goals What properties do we want the system to have even when it is under attack What are we trying to protect from the attacker Or to look at it the other way around what are we trying to prevent 10 Some Common Security Goals Confidentiality Private information that we want to keep secret from an adversary password bank acct balance diary entry Anything we want to prevent adversary from learning Integrity Want to prevent adversary from tampering with or modifying information Availability System should be operational when needed Must prevent adversary from taking the system out of service at inconvenient times 11 Example CS161 Grades Database One obvious goal is protecting its integrity Don t want you to be able to give yourself an A merely by tampering with grade database Federal law and university rules require us to protect its confidentiality No one else can learn what grade you are getting We probably also want some level of availability So you can check your grades to date and we can calculate grades at the end of the semester 12 Security Goals How to identify security goals Highly application dependent If someone figures out how to violate this goal would it be a security breach If yes you ve found a security goal 13 Step 2 Threat Model and Assessment What kind of threats might we face What kind of capabilities might we expect the adversaries to have What are the limits on what the adversary might be able to do to us What are their motivations and incentives 14 Step 3 Security Analysis Is there an attack within the threat model that can violate the security goals We ll talk about this a lot in class 15 Summary Security Evaluation Step 1 Identify security goals Step 2 Perform a threat assessment Step 3 Security analysis 16 Administravia Staff shortage No reader Pls be considerate of the under staffed situation If you plan to drop the course pls do so soon We ll try to let seniors on the waitlist in Others can take it next time How many have taken 170 162 122 Students have diverse background Pls be understanding no one size fits all 17 3 min Stretch Break 18 Cryptology Cryptology is the study of Cryptography Cryptanalysis Cryptography Literally Crypt secret graphia writing Cryptography the study of how to send secret messages Formally The study of mathematical techniques to enforce security properties Confidentiality integrity etc Cryptanalysis is the study of how to break cryptographic systems 19 Brief History of Cryptography I First phase manual Caesar cypher Romans Permute the alphabet by shifting each letter forward by a fixed amount Caesar cipher with a shift by 3 What s the original message for fubswrjudskb Clearly not very secure Second phase mechanical era Enigma machine a German project to create a mechanical encryption decryption device British effort to break the code Important for WWII estimate shortening war by 1 year 20 Brief History of Cryptography II Third phase Modern Cryptography Relying on mathematics and electronic computers Early roots by Claude Shannon E g One time pad DES by NIST 1970 s 21 Basic
View Full Document
Unlocking...